Re: Signing application which communicates with the sim card

The code signing keys you received from RIM to sign your application would not be applicable for this because all applications are signed using the same key, meaning other applications would have access to your data.

Re: Signing application which communicates with the sim card

I generated my keypair successfully.But now I got stucked about how to go on.As I assume I should create a certificate from the public key created and load this certificate to the handset.Am I right with this?My .cod file is already signed with my private key, but the certificate is still missing, so on handset I get this error when trying to create connection to an applet AID on the sim card:

Re: Signing application which communicates with the sim card

Yes, exactly, I have my javacard applet on the sim card that can receive APDU command.

But now I get the above exception already when trying to open the connection to the applet.

I have already done the same with a samsung handset (s5230n).That handset also supports JSR177.In that case I signed my j2me application with a private key, and I created certificate from the public key, which was stored on the sim card via PKCS15# format.And it worked. The application can communicate successfully with the javacrad applet on the sim.

Now I would like to make the same on BB.The problem is that this code Signing tool creates the keypair in .dat files, and I have no idea how to create certificate from .dat file.

Maybe I am on totally wrong way, I just try to copy the scenario what works well on samsung.

Re: Signing application which communicates with the sim card

the signing requirements for a BlackBerry application are different to those which apply to a MIDlet so I'm assuming you do mean a BlackBerry application i.e one which extends our Application or UiApplication classes and not a MIDlet.

It sounds as though your SIM has an ACF installed on it, hence the need for certificate based signing. To sign your application in a way which will be compatible with the SIM and its ACF checking, you need a new tool from RIM called "CodTool". This is available on application to your RIM carrier technical manager. We expect to package it with the Eclipse JDE as standard at some point but I believe that for now you must contact your carrier technical manager (sometimes called a "CTM").

Once you have the CODTool:

In order to use the CodTool, you must have JRE 1.6 installed.

For example, suppose that myfile.cod contains a JSR177 application. For the SATSA Appendix A (SATA) access control, you must sign this application. Assume you have a Java KeyStore (JKS format) file called

keystore.jks; you've protected this file with the password 'jkspassword', and it contains a key called 'mykeyinjks'. In this case, you would complete the signature using the CodTool with the following command:

You create the certificate itself using a 3rd party tool not with a tool provided by RIM. For testing purposes, the Java KeyTool could be used.

Note that if you use any of the APIs from the net.rim.device.api.io.nfc.se package then your will also need to acquire a special code signing key from RIM called NFCR. You'll also need to ask your CTM to arrange this. Once you have it you install it in Eclipse in the normal way and it will be used automatically to sign your cod file if required.

I hope this helps.

--------------------------------------------------------------------------------------------Feel free to press the like button on the right side if you liked my attempts to help :-)And please mark posts as solved if you think I found the solution or set you on its path. Thanks!Follow me on Twitter: @mdwrim